下面列出了io.grpc.netty.shaded.io.grpc.netty.NegotiationType#io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Test
public void tcnative() throws Exception {
server = NettyServerBuilder.forPort(0)
.useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
.addService(new SimpleServiceImpl())
.build().start();
channel = NettyChannelBuilder
.forAddress("localhost", server.getPort())
.sslContext(
GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
.trustManager(TestUtils.loadCert("ca.pem")).build())
.overrideAuthority("foo.test.google.fr")
.build();
SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
assertThat(SimpleResponse.getDefaultInstance())
.isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
public static NettyServerBuilder getServerBuilder()
{
final NettyServerBuilder serverBuilder =
NettyServerBuilder.forAddress(new InetSocketAddress(getServerHost(), getServerPort()));
if (getBoolean(TLS))
{
final Path certificatesDir = Configuration.certificatesDirectory();
final SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
certificatesDir.resolve("server.pem").toFile(), certificatesDir.resolve("server.key").toFile())
.trustManager(certificatesDir.resolve("ca.pem").toFile())
.clientAuth(ClientAuth.REQUIRE);
GrpcSslContexts.configure(sslClientContextBuilder);
try
{
serverBuilder.sslContext(sslClientContextBuilder.build());
}
catch (final SSLException ex)
{
LangUtil.rethrowUnchecked(ex);
}
}
return serverBuilder;
}
@Test
public void tcnative() throws Exception {
server = NettyServerBuilder.forPort(0)
.useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
.addService(new SimpleServiceImpl())
.build().start();
channel = NettyChannelBuilder
.forAddress("localhost", server.getPort())
.sslContext(
GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
.trustManager(TestUtils.loadCert("ca.pem")).build())
.overrideAuthority("foo.test.google.fr")
.build();
SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
assertThat(SimpleResponse.getDefaultInstance())
.isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
private static NettyChannelBuilder createSecureChannel(
String host, int port, Optional<Path> certPath, Optional<Path> keyPath, Optional<Path> caPath)
throws SSLException {
SslContextBuilder contextBuilder = GrpcSslContexts.forClient();
if (certPath.isPresent() && keyPath.isPresent()) {
contextBuilder.keyManager(certPath.get().toFile(), keyPath.get().toFile());
}
if (caPath.isPresent()) {
contextBuilder.trustManager(caPath.get().toFile());
}
return channelBuilder(host, port)
.sslContext(contextBuilder.build())
.negotiationType(NegotiationType.TLS);
}
private SslContextBuilder getSslContextBuilder() {
log.info("Grpc config: Configuring ssl cert {} key {} trust {}",
grpcProperties.getTls().getCertChainFile(), grpcProperties.getTls().getPrivateKeyFile(), grpcProperties.getTls().getTrustCertCollectionFile());
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
new File(grpcProperties.getTls().getCertChainFile()),
new File(grpcProperties.getTls().getPrivateKeyFile())
);
if (grpcProperties.getTls().getTrustCertCollectionFile() != null) {
sslClientContextBuilder.trustManager(new File(grpcProperties.getTls().getTrustCertCollectionFile()));
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
}
return GrpcSslContexts.configure(sslClientContextBuilder, SslProvider.OPENSSL);
}
private static SslContext buildSslContext(String trustCertCollectionFilePath,
String clientCertChainFilePath,
String clientPrivateKeyFilePath) throws SSLException {
SslContextBuilder builder = GrpcSslContexts.forClient();
if (trustCertCollectionFilePath != null) {
builder.trustManager(new File(trustCertCollectionFilePath));
}
if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
}
return builder.build();
}
private SslContextBuilder getSslContextBuilder() {
String certChainFilePath = AppSettings.getInstance().getString(AppSettings.TLS_CERTIFICATE_PATH);
String privateKeyFilePath = AppSettings.getInstance().getString(AppSettings.TLS_PRIVATE_KEY_PATH);
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
new File(certChainFilePath),
new File(privateKeyFilePath));
return GrpcSslContexts.configure(
sslClientContextBuilder,
SslProvider.OPENSSL);
}
public static ManagedChannel getServerChannel()
{
final NettyChannelBuilder channelBuilder =
NettyChannelBuilder.forAddress(getServerHost(), getServerPort());
if (getBoolean(TLS))
{
final Path certificatesDir = Configuration.certificatesDirectory();
final SslContextBuilder sslClientContextBuilder = GrpcSslContexts.forClient()
.trustManager(certificatesDir.resolve("ca.pem").toFile())
.keyManager(
certificatesDir.resolve("client.pem").toFile(), certificatesDir.resolve("client.key").toFile());
try
{
channelBuilder.sslContext(sslClientContextBuilder.build());
}
catch (final SSLException ex)
{
LangUtil.rethrowUnchecked(ex);
}
}
else
{
channelBuilder.usePlaintext();
}
return channelBuilder.build();
}